At least some embodiments disclosed herein relate to cryptography in general and, more particularly but not exclusively, to secure data communications between radio frequency identification (RFID) tags and their readers.
In cryptography, a method known as “one-time pad” encrypts a plain text message use a key or “pad” that is as long as the plain text message and is used only once. When used properly, the one-time pad method has the property of “perfect secrecy” where the encrypted message provides no information about the original message, except the length of the original message.
However, various implementation requirements imposed by the proper use of the “one-time pad” method discourage its use in modern communication systems. Thus, alternative methods that do not have the property of “perfect secrecy” are commonly used. For example, some symmetric encryption methods use complex patterns of substitution and transpositions to secure the information, based on the knowledge that there is no known cryptanalytic procedure which can reverse these transformations without knowing the key used during encryption. For example, some asymmetric encryption methods secure the information based on mathematical problems that are thought to be difficult to solve, such as integer factorization and discrete logarithms.
In a current EPCglobal standard for radio frequency identification (RFID), a cover-coding cryptographic scheme is used to provide some protection for certain communications between a RFID reader and a RFID tag. For example, the reader may issue a request for a random number; and in response the tag provides a new 16-bit random number. The reader then generates a 16-bit cipher text through computing the bitwise exclusive OR of the 16-bit random number and the 16-bit message that is to be transmitted from the reader to the tag. After the reader issues a command with the 16-bit cipher text as a parameter, the tag decrypts the received cipher text by computing the bitwise exclusive OR of the 16-bit random number and the received 16-bit cipher text.
In the EPCglobal standard for radio frequency identification (RFID), the random number and the cipher text are transmitted in the same communication session.